cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Core Infrastructure and Security Blog
Options
1,662

Revisiting Enterprise Policy as Code v10

Heinrich_Gantenbein on May 01 2024 08:47 AM
As EPAC has reached version 10, it is time to revisit Enterprise Policy as Code (EPAC for short). We look into Release F...
2,106

Building Your Own Copilot for Credit Card Selection

fbinotto on Apr 28 2024 11:45 PM
Let's create a personalized Copilot to guide us through the sea of credit card offerings.
1,637

Controlling AKS egress using an HTTP Proxy

HoussemDellai on Apr 22 2024 09:00 AM
This is how to put your AKS cluster behind a proxy.  
10.4K

Active Directory Hardening Series - Part 4 – Enforcing AES for Kerberos

Jerry Devore on Apr 15 2024 03:01 PM
Disabling Kerberos RC4 is a top priority for many organizations today but identifying devices that don't support AES has...
3,427

Proxies, proxies everywhere but still no Internet. Overview of the Windows Proxies

WillAftring on Apr 08 2024 06:41 AM
Howdy everyone, a quick tangent from our regularly scheduled Introduction to Network Trace Analysis series to talk about...
3,464

Check This Out! (CTO!) Guide (February AND March 2024)

BrandonWilson on Apr 06 2024 07:24 PM
Welcome to the February AND March 2024 Check This Out! (CTO!) guide: Helping you to expand your horizons!
2,229

ConfigMgr: Avoiding Remote Management Point Pitfalls

PavelYurenev on Apr 04 2024 09:00 AM
ConfigMgr architect advice: do not install Management Points in the remote locations!
5,008

Get Azure Reservations and Savings Plans Insights with the Azure Optimization Engine

hspinto on Apr 01 2024 12:00 AM
When adopting Azure commitments, customers face typically two types of challenges: 1) Estimating the quantities or amoun...
2,900

Securing Monitoring Services

khgandhi on Mar 28 2024 09:46 AM
Howdy Readers!
2,351

Azure Monitor: Create Dedicated Clusters Using Any Commitment Tier

Bruno Gabrielli on Mar 21 2024 01:00 AM
Looking for an easy way to create an Azure Monitor Logs Dedicated Cluster using any pricing tier? Here we go with a simp...
15.3K

Archive MDE Data to Event Hubs to ADX

Paul Bergson on Mar 19 2024 04:30 AM
Embark on a journey through the digital landscape as we uncover the secrets of exporting data from Defender for Endpoint...
4,194

Mastering Azure Cost Optimization - A Comprehensive Guide

fbinotto on Mar 14 2024 01:30 AM
A comprehensive guide to Azure cost optimization.
5,611

Azure PowerShell Tips and Tricks

PaulHarrison on Mar 11 2024 03:00 AM
Tips and tricks for using PowerShell and REST APIs in Azure.
4,059

Optimize Your Azure Costs

sairashaik on Mar 06 2024 06:01 PM
This article will provide guidance to the customers who wants to Optimize their Azure costs by providing tools and resou...
14.9K

Active Directory Hardening Series - Part 3 – Enforcing LDAP Signing

Jerry Devore on Mar 04 2024 06:38 AM
In this series my goal is to help you understand how to move forward with confidence by better understanding the changes...
25K

Zero Trust: Rapid Offboarding with Intune and Microsoft Entra ID

Jason Cody on Feb 29 2024 07:12 AM
A guide for using Microsoft Entra ID and Microsoft Intune to prevent user authentication on Entra ID joined devices, whi...
4,542

ConfigMgr Windows Update Compliance Reporting FAQ

jonasoh on Feb 26 2024 03:35 AM
ConfigMgr Windows update compliance reporting FAQ for high patch compliance percentage
3,007

Quick, Check It Out Before It's Too Late! Azure Cost Optimization At It's Finest!

BrandonWilson on Feb 21 2024 08:22 PM
Hi everyone...a bit late to the party, but here are some sessions to help you save more on your Azure costs!
37.1K

Protecting Tier 0 the Modern Way

DagmarHeidecker on Feb 19 2024 04:15 AM
Almost every attack on Active Directory you hear about today – no matter if ransomware is involved or not – (ab)uses cre...
15.9K

Check This Out! (CTO!) Guide (January 2024)

BrandonWilson on Feb 18 2024 04:35 PM
Welcome to the January 2024 Check This Out! (CTO!) guide: Helping you to expand your horizons!
5,673

Protect unmanaged or 3rd party MDM managed iOS/Android devices with MDE

Arnab Mitra on Feb 15 2024 11:59 AM
A guide to using Microsoft Defender for Endpoint as a mobile threat defense solution for Unmanaged (personal) and 3rd pa...
5,746

Test your Patches! A Staged Patching Solution with Azure Update Manager

hspinto on Feb 12 2024 12:00 AM
A common challenge faced by most enterprise organizations who, hopefully, automate their operating systems patching cycl...
15.8K

Monitoring for an Azure Server Going Offline

Paul Bergson on Feb 05 2024 04:13 AM
Azure Monitor is a beneficial tool that has low costs for logs that are already in the tool. The main expenses for Azure...
27.8K

Migrating from the Azure MMA to AMA Agent

Paul Bergson on Jan 29 2024 05:20 AM
I have another conversation about the sunset of the Microsoft Monitoring Agent (MMA). Back on November 13, 2023 I posted...
3,929

Collect Event Ids using Azure Monitor Agent

Bindusar on Jan 23 2024 08:27 AM
In this guide we will configure Azure Monitor Agent and Log Analytics workspace to collect event ID from Windows devices...
7,029

Zero Touch Enrollment of MDE on iOS/iPadOS devices managed by Intune

Arnab Mitra on Jan 18 2024 08:50 AM
A guide for IT administrators to Zero Touch (silently) deploy and activate Microsoft Defender for Endpoint on Intune man...
3,764

ConfigMgr CMG Least Privilege Setup Approach

jonasoh on Jan 15 2024 03:31 AM
Setup guide for ConfigMgr CMG without Global Admin permissions used in ConfigMgr console
7,681

Intune iOS/iPadOS Management In a Nutshell

jonasoh on Jan 08 2024 05:18 AM
A brief overview of how to manage iOS and iPadOS devices with Microsoft Intune and how to get started
16K

Check This Out! (CTO!) Guide (December 2023)

BrandonWilson on Jan 07 2024 10:40 AM
Welcome to the December 2023 Check This Out! (CTO!) guide: Helping you to expand your horizons!
6,227

Onboarding Intune Managed iOS User Enrollment Devices to Microsoft Defender for Endpoint

Arnab Mitra on Jan 03 2024 01:39 PM
A guide for administrators to configure and deploy Microsoft Defender for Endpoint on Intune managed iOS devices that ar...

Latest Comments

SocInABox
in Microsoft Defender for Endpoint Commonly Used Queries and Examples on May 13 2024 08:09 AM
if anyone knows any good/comprehensive kql queries for asset inventory I'd appreciate it.i.e. inclusive of all assets in defender for endpoint including workstations, servers, network devices etc.
0 Likes
Asjad_Farrukh
in MBAM Server Migration To Microsoft Endpoint Manager on May 13 2024 04:57 AM
JMSANTOS Copper Contributor‎Jun 10 2021 06:51 AM Any instructions about what to do with the MBAM client installed in the workstation? Should we uninstall it before we escrow the BitLocker recovery key? Once you backup the recovery keys to AD, you uninstall the client or you can wait till the BitLock...
0 Likes
Kili
in Protecting Tier 0 the Modern Way on May 12 2024 11:07 PM
Hello @NateBarkei , @ckuever0983 , can you validate the Kerberos amoring is enabled on this computer? Logon with a domain account and run klist and validate the TGT Cach Flags are 0x40 (FAST) enabled. If the FAST option is not enabled on the TGT validate the group policy settings ona) domain control...
0 Likes
NateBarkei
in Protecting Tier 0 the Modern Way on May 11 2024 08:04 PM
Exactly the same problem as @ckuever0983 above. Brand new forest/domain (Server 2022) to test this out and always get: A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions. If this is working properly should event 4820 provide a device n...
0 Likes
Michael54
in Part 2 - You Might Want to Audit Your LAPS Permissions.... on May 10 2024 08:46 AM
Hello, i setup Legacy Microsoft LAPs when it came out but did not "fully deploy" it. i have tried since then to reverse it all and i did accomplish alot so far. i can now confirm that regular users cannot run to get passwords. i have removed the groups that i created to have "extended rights". my ad...
0 Likes